Log, Event & Security Analytics with cfxDimensions Platform

May 23rd, 2019

Log Management Challenges

Effective log management is a common challenge for many IT organizations because of the ever-expanding complexity and dynamic nature of IT logs. Logs are generally spread across many different systems, which makes them difficult to analyze. As a result, IT teams are not able to reconcile the logs to gain insights into performance or security issues.

In regulated environments, logs must be accessible at any time and stored for several years for compliance reasons.

All of this makes log management a challenging task for IT. Let’s look at how Dimensions Log Analytics addresses these problems.

We ingest logs, events and metrics from multiple data sources and forward them to a load balancer, after which we perform log separation and raw log archival for historical analysis and compliance.

Simultaneously, we index the logs and build visualizations. We then feed the vectorized log data to AI and machine learning to perform advanced analytics such as event correlation, root cause analysis and event categorization.

Log Analysis: IT teams can ingest logs from any managed IT asset, index and archive logs, and get advanced visualization and reporting.

A few customer scenarios:

One customer had logs spread across multiple element management systems, and storage administrators had to sift through numerous logs to identify and detect potential issues. The cfxDLA stack helped storage administrators detect potential disk failures by ingesting syslogs from NetApp storage systems, and made it easy to assimilate and reconcile all the logs from a centralized portal.

In another customer scenario, system administrators had to go through every individual Windows server to understand log activity. With the cfxDLA stack, system admins were able to visualize all the Windows event logs from a central place and easily examine credential failure errors.

In this scenario, logs were ingested from multiple Cisco UCS domains, and server administrators were able to detect power supply errors and take remediation actions.

In this customer scenario, Netflow records were ingested and the DLA stack helped identify top talkers, top services, protocols and ports. The chord diagram visually identifies top sources and destinations. Network admins can also drill down to a particular device or interface and gain deeper insights into traffic patterns.